Security Engineer II - Threat Detection

Posted An Hour Ago
Be an Early Applicant
Gurgaon, Gurugram, Haryana, IND
Hybrid
Mid level
AdTech • eCommerce • Information Technology • Travel • Generative AI
Powering global travel for everyone, everywhere.
The Role
Design, build, and tune threat detection capabilities across SIEM and SOAR, develop correlation rules, analyze logs/telemetry, map detections to MITRE/Cyber Kill Chain, reduce false positives, and collaborate with SOC/IR teams to improve detection and response. Apply scripting and AI/ML concepts to strengthen detection and automation.
Summary Generated by Built In

At Expedia Group, we help travelers explore the world, one journey at a time. As a global travel company powered by passionate people, trusted partnerships, and leading technology, we connect travelers, partners, and advertisers through our consumer brands, B2B network, and travel advertising business.


Here, you'll do meaningful work that helps millions of people discover, book, and experience travel with more ease, confidence, and joy. Our five Behaviors-Traveler First, Think Big, Operate with Excellence, Ownership Mindset, and Succeed Together-help foster a supportive environment where people can grow their careers and have the flexibility, benefits, and support to do their best work. Join us and build for travelers everywhere.

Introduction to the Team:

We are part of the Cyber defense organisation, focused on detecting, analyzing and responding to security threats across the enterprise. Our mission is to proactively identify adversary behavior, strengthen detection capabilities and improve overall security posture.

You will support the design, development and tuning of detection capabilities across SIEM and SOAR platforms. You will work closely with analysts, incident responders and threat hunters to translate threats into actionable detections.

In this role, you will:

  • Design, implement, and maintain security controls and services that protect applications, infrastructure, and data across multiple products and platforms, leveraging strong system design, API design, and data modeling skills.

  • Assist in building and tuning detection rules across SIEM platforms

  • Develop and maintain correlation rules based on known attack patterns

  • Demonstrates understanding of attacker TTPs and how to detect them

  • Contributes to reducing false positives and improving detection quality

  • Document detection logic, use cases and response workflows

  • Map detections to frameworks like MITRE ATT&CK and the Cyber Kill Chain

  • Analyze logs and telemetry to identify suspicious patterns and gaps in detection

  • Participate in detection engineering lifecycle from ideation, development, testing and tuning

  • Collaborate with SOC and Incident Response teams to improve alert fidelity and reduce false positives

  • Assist in threat modeling and contribute to defense in depth strategies

  • Support development of automated workflows and playbooks in SOAR tools

  • Stay updated on emerging threats, attacker techniques and detection strategies

  • Apply familiarity with AI-driven systems, tools, or workflows and applying AI/ML concepts to real world products to strengthen detection, response, and prevention capabilities across multiple security domains

Experience and Qualifications: 

Minimum Qualifications:

  • Bachelor’s degree in Computer Science, Information Security, related technical field, or equivalent practical experience.

  • 2–5 years of experience in security engineering with a security focus, or infrastructure/security operations in cloud-based environments.

  • Must have exposure to scripting (Python, PowerShell or similar)

  • Experience designing, implementing, and operating security-related services or components (such as authentication/authorization, secrets management, encryption, or security monitoring) with clear ownership for the reliability, performance, and security of those services.

  • Understanding of security frameworks such as MITRE, Cyber Kill Chain

  • Familiarity with SIEM platforms (e.g. Splunk, Sentinel, QRadar), SOAR platforms and automation concept, Log analysis (authentication logs, network logs, endpoint telemetry)

  • Understanding of network fundamentals (DNS, HTTP, TCP/IP), common attack techniques (phishing, credential theft, lateral movement), defense-in-depth principles

Preferred Qualifications:

  • Exposure to threat intelligence concepts

  • Practical experience integrating or securing AI/ML-enabled systems, such as protecting data pipelines, securing model endpoints, or using AI-driven tools to enhance threat detection and response, while safely integrating and operating AI/ML‑enabled solutions that improve outcomes.

  • Depth in at least one security specialization (such as cloud security, application security, identity and access management, endpoint security, or security automation) combined with the ability to work effectively across multiple technical domains.

  • Familiarity with AI-driven systems, tools, or workflows and applying AI/ML concepts to real world products to enhance security capabilities, such as automated risk analysis, intelligent anomaly detection, or adaptive access controls.

Accommodation requests

Expedia Group is committed to providing an inclusive and accessible recruiting experience. If you need an accommodation or adjustment due to a disability during the application or recruiting process, please submit a request at https://expedia.service-now.com/askeg?id=job_accommodation.


About Expedia Group

Expedia Group includes three flagship consumer brands - Expedia, Hotels.com, and Vrbo - along with a leading B2B travel business and travel advertising offerings. Across our brands and business, we help travelers explore the world with confidence and ease.


Important notice

Employment opportunities and job offers at Expedia Group will always come from Expedia Group's Talent Acquisition and hiring teams. Never share sensitive personal information unless you are confident of the recipient. Expedia Group does not extend job offers via email or messaging tools to individuals with whom we have not made prior contact. Our email domain is @expediagroup.com. The official place to find and apply for roles is https://careers.expediagroup.com/jobs/.


Equal Opportunity

Expedia is committed to creating an inclusive work environment with a diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, gender, sexual orientation, national origin, disability or age.

Skills Required

  • Bachelor's degree in Computer Science, Information Security, related field, or equivalent practical experience
  • 2-5 years of experience in security engineering, security-focused infrastructure, or security operations in cloud environments
  • Exposure to scripting (Python, PowerShell, or similar)
  • Experience designing, implementing, and operating security services (authentication/authorization, secrets management, encryption, or security monitoring)
  • Understanding of security frameworks such as MITRE ATT&CK and the Cyber Kill Chain
  • Familiarity with SIEM platforms (e.g., Splunk, Sentinel, QRadar), SOAR platforms, automation concepts, and log analysis
  • Understanding of network fundamentals (DNS, HTTP, TCP/IP) and common attack techniques (phishing, credential theft, lateral movement)
  • Experience with detection engineering lifecycle: ideation, development, testing, tuning, and documentation of detection logic and response workflows
  • Exposure to threat intelligence concepts
  • Practical experience integrating or securing AI/ML-enabled systems (protecting data pipelines, securing model endpoints, or using AI-driven tools for detection/response)
  • Depth in at least one security specialization (cloud security, application security, IAM, endpoint security, or security automation)

Expedia Group Compensation & Benefits Highlights

  • Wellbeing & Lifestyle Benefits Travel and wellness reimbursements, employee travel discounts, and flexible stipends are presented as standout perks that add meaningful lifestyle value. Mental-health resources and pet support broaden the package beyond core pay.
  • Parental & Family Support Paid parental leave for all parents with additional time for birthing parents, plus adoption, surrogacy, and caregiver support, are highlighted as generous and accessible. Immediate eligibility for parental leave reinforces the family-friendly design.
  • Healthcare Strength Medical, dental, and vision coverage is paired with inclusive healthcare extending to partners and covering fertility and transgender services. Access to mental-health platforms complements the core medical offering.

Expedia Group Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Seattle, WA
16,000 Employees
Year Founded: 1996

What We Do

Expedia Group powers travel for everyone, everywhere through our global platform. Driven by the core belief that travel is a force for good, we help people experience the world in new ways and build lasting connections. We provide industry-leading technology solutions to fuel partner growth and success, while facilitating memorable experiences for travelers. Expedia Group's family of brands includes: Brand Expedia®, Hotels.com®, Expedia® Partner Solutions, Vrbo®, trivago®, Orbitz®, Travelocity®, Hotwire®, Wotif®, ebookers®, CheapTickets®, Expedia Group™ Media Solutions, Expedia Local Expert®, CarRentals.com™, and Expedia Cruises™.

Why Work With Us

As travelers and technologists, we are passionate about making travel more seamless, accessible and memorable. We embrace different perspectives, celebrate new ideas, and empower every Expedian to drive meaningful change. The experiences we create bridge divides and broaden horizons – helping create unforgettable memories through travel.

Gallery

Gallery

Expedia Group Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: 3 days a week
HQSeattle, WA
JP
VE
HK
MY
Amsterdam, NL
Antalya, TR
Athens, GR
Auckland, NZ
Austin, Texas
Bangkok, TH
Barcelona, ES
Beijing, CN
Bengaluru, Karnataka
Berlin, DE
Bothell, US
Brisbane, AU
Brussels, BE
Chicago, US
Cologne, DE
Copenhagen, DK
Dallas, US
Denpasar, ID
Dubai, AE
Dublin, IE
Edinburgh, GB
Fort Lauderdale, US
Geneva, CH
Gurugram, Haryana
Gurugram, IN
Hanyang, KR
Ho Chi Minh, VN
Issaquah, US
İstanbul, TR
Johannesburg, ZA
Kailua-Kona, US
Kilkattalai, JO
Lahaina, US
Lisbon, PT
London, GB
Lyon, FR
Madrid, ES
Manila, PH
Marseille, FR
Melbourne, AU
Miami, US
Milan, IT
Mohokare, ZA
Montréal, CA
Munich, GD
Paris, FR
Poipu, US
Praha, CZ
Rome, IT
San Francisco, California
San Leonardo, PH
Sham Chun Hu, CN
Shanghai, CN
Singapore, SG
Springfield, US
Stockholm, SE
Sydney, AU
Taipei City, TW
Tokyo, JP
Toronto, CA
Wrocław, PL
Learn more

Similar Jobs

Expedia Group Logo Expedia Group

Security Engineer

AdTech • eCommerce • Information Technology • Travel • Generative AI
Hybrid
Gurgaon, Gurugram, Haryana, IND
16000 Employees

Expedia Group Logo Expedia Group

Learning and Development Trainer

AdTech • eCommerce • Information Technology • Travel • Generative AI
Hybrid
Gurugram, Haryana, IND
16000 Employees

Expedia Group Logo Expedia Group

Development Engineer

AdTech • eCommerce • Information Technology • Travel • Generative AI
Hybrid
Gurgaon, Gurugram, Haryana, IND
16000 Employees

Expedia Group Logo Expedia Group

Development Engineer

AdTech • eCommerce • Information Technology • Travel • Generative AI
Hybrid
Gurgaon, Gurugram, Haryana, IND
16000 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account